There is a website I use at work, external to our own. They have just presented with every employee with their plain text password and username via our internal website which requires our own logins.
...

I see many people spoofing MAC address for personal use.
But when I search for spoofing IMEI/MEID of a device there are so many people screaming that I should not do it whatever the reason is. What ...

I am developing form for a company dealing with visa, receiving such data as passport number or other personal info is crucial. Are there any laws, regarding the way how it should be collected?
I know ...

If a company were to lax behind in security patching (knowingly), would there be any potential legal ramifications?
Obviously if private customer data is stolen as a result of a breach using security ...

Yesterday, I just visit a shopping site which use serial payment method and I type in some serials randomly then my account have 100USD; I just want to 'test' that website (for the bug bounty), is my ...

I have software installed on my computer that has encryption capabilities. This is the case both for things like VPN/SSL, and also GPG. I don't really use GPG (there are not that many people I can use ...

I'm planning to make a simple remote administration tool with the basic features that are available on all other rats in the market. However, I'm really worrying about legal issues after marketing it. ...

Is it illegal to publish an exploit against a known vulnerability in US? The exploit could be published in one's blog or places like exploit-DB. It seems that in countries like Germany and France such ...

There are many situations where the validity of the timestamp attached to a certain post (submission of information) might be invaluable for the post owner's legal usage. I'm not looking for a service ...

Is there any case-law where having or not having a legal notice (example here) in the login banner of a system of nay kind made a difference in prosecution? The question is in consideration both of ...

A friend shared a "security service" he just read about. Apparently the product is in beta and can thus be tried by anyone right now. I found it very interesting and surprising. I'm curious to know ...

I am reading Cybersecurity and Cyberwar by P.W. Singer, and trying to tie the subject in with a government class project. I am looking laws and policies regarding cyberspace or cyber security, passed ...

I've heard that using encryption outside military use has been illegal for a long time in the USA.
However, I've also heard that when the regulation was updated, limits were put on encryption strength ...

According to news reports, arrests have already been made in relation to the Heartbleed bug. It sounds like this person managed to gain access to the website's database by capturing the credentials ...

So , how does the police find/monitor criminals' actions (eavesdropping) that do cyber crime(pornography , drug trafficking etc..) without breaking their privacy, and succesfully catch em and provide ...

I have had experience with an ISP that slows down all encrypted connections (down to an average 20-35 KBps) I was wondering if a) this is legal b)how can they do it and c) is there a way to bypass it. ...

Note: I realize there is no legally binding talk hereinafter.
There are lots of leaked password hashes on the internet. Twitter searches for "hash dump" pull back tons of links, generally from "deep ...

A comment posted on one of my questions the other day raised a question in my head. I know that many site admins appreciate users reporting bugs and security holes, and as a user I appreciate people ...

Given a site that publishes unique content online and given that there are lots of site scrapers and persons stealing content and reposting it as their own, inevitably you will have the same content ...

It's my understanding that the more bits an encryption key has, the longer it takes to break the encryption. What is the down side of having a larger encryption key or why don't we see keys of size ...

With so many identities stolen last ten years, we know a bunch of emails and a bunch of passwords.
Are the two following databases legal under the US federal laws?
Publish a database which victim's ...

Is it illegal to impersonate user-agents when you are crawling a website?
If so, what and how a legal action can be taken against the faking requester? Is this law applies only for crawlers or a user ...

Cloud providers have a great infrastructure to perform DDoS simulations. You can get thousands of virtual machines with different IP addresses, fully customizable with the tools you need for testing. ...

Do privacy protection laws within Germany/EU protect students from gross invasions of privacy? I have reason to believe that through some either permitted or unsanctioned channel my teacher was able ...

Recent events like the Lavabit case have shown that it is no loger possible to host a server in the United States and guarantee your users that you will keep their data confidential, because the US ...